Aaron Bohannon

Ph.D. Student
University of Pennsylvania
Department of Computer and Information Science

Email

bohannon|@|cis|.|upenn|.|edu

Status

I successfully defended my dissertation on Feb 7, 2012 and officially graduated in the Spring 2012 semester. However, I have left my web page intact for the time being. I now work at Google, Inc in New York City. For more recent information about me, check my personal web site.

Research

The goal of my dissertation research has been to apply mathematical rigor to the design and enforcement of web browser information security policies. This will involve three key steps:

1. Develop a state machine model appropriate for web browsers and investigate notions of noninterference for such machines (published at CCS 2009).
2. Design a formal semantics for a web browser that is an instance of such a state machine (to be published at WebApps 2010, browser model code here).
3. Design a noninterference-based security policy for the web browser that is comparable to the same-origin policy, and investigate enforcement techniques that are provably sound with respect to this policy.

I have been involved in the POPLmark project at Penn and am interested in comparing techniques for representing inductive data types with binding in the Coq proof assistant.

I have worked on extending the results from the Harmony project to bi-directional transformations on relational data and string data.

My advisor is Benjamin Pierce.

Dissertation

I defended my dissertation on Feb 7, 2012, and I submitted the final draft to the university on Apr 16, 2012.

• Foundations of Web Script Security. PhD thesis, University of Pennsylvania, 2012. (accompanying Coq code)

Abstract:

A web browser works with data and scripts from different sources, and these sources are not all trusted equally by the user of the browser. This fact requires web browser designers to take special care in order to keep information secure within the browser: data from one source should not be stolen or corrupted by a script from another source. This aspect of web browser design is what we will call web script security.

The effectiveness of security checks designed to enforce web script security must ultimately be judged in terms of their effect on the outwardly visible behavior of the browser. In light of this fact, this dissertation defines a policy for web script security to refer to a logical constraint on a browser's behavior, stated exclusively in terms of the aspects that are outwardly visible, either to the network or to the user. Such end-to-end policies are naturally appealing. However, there is a reason they are rarely used for real-world systems: it is usually very unclear how to write down precise, flexible security policies of this sort. Supposing that one could write down such policies for web script security, a second obstacle would then arise: the problem of drawing a precise connection between such end-to-end policies and the security mechanisms that one would actually implement in a browser.

This dissertation demonstrates that such information security policies for web browsers can in fact be written down—precisely and without reference to security enforcement mechanisms implemented inside the browser. Moreover, the mechanisms for enforcing those policies can be designed and formally proved correct within mathematical models of web browsers that are detailed enough to capture the inherent complexities of the domain. This dissertation supports these claims by (1) introducing mathematical tools for stating and proving end-to-end information security properties for software systems that are driven by buffered, asynchronous I/O; (2) introducing a particular mathematical model of a web browser that is accompanied by a security policy for confidentiality and is equipped with security mechanisms intended to enforce the policy; and (3) offering a proof that the security mechanisms in the model do enforce the policy, a proof which has been mechanized and verified in the Coq proof assistant.

Publications

• Featherweight Firefox: Formalizing the Core of a Web Browser. Aaron Bohannon and Benjamin Pierce. In Proceedings of the USENIX Conference on Web Application Development (WebApps), 2010. (browser model code)
• Reactive Noninterference. Aaron Bohannon, Benjamin C. Pierce, Vilhelm Sjöberg, Stephanie Weirich, and Steve Zdancewic. In Proceedings of the ACM Computer and Communications Security Conference (CCS), 2009.
• Sequent Calculi and Abstract Machines. Zena M. Ariola, Aaron Bohannon, Amr Sabry. In ACM Transactions on Programming Languages and Systems (TOPLAS), Volume 31, Issue 4, May 2009.
• Boomerang: Resourceful Lenses for String Data. Aaron Bohannon, J. Nathan Foster, Benjamin C. Pierce, Alexandre Pilkiewicz, and Alan Schmitt. In Proceedings of the ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL), 2008.
• Nominal Reasoning Techniques in Coq. Brian Aydemir, Aaron Bohannon, and Stephanie Weirich. In Proceedings of the International Workshop on Logical Frameworks and Meta-Languages: Theory and Practice (LFMTP), 2006.
• Relational Lenses: A Language for Updateable Views. Aaron Bohannon, Jeffrey A. Vaughan, and Benjamin C. Pierce. In Proceedings of the ACM SIGMOD-SIGACT-SIGART Symposium on Principles of Database Systems (PODS), 2006.
• Mechanized Metatheory for the Masses: The POPLmark Challenge. Brian E. Aydemir, Aaron Bohannon, Matthew Fairbairn, J. Nathan Foster, Benjamin C. Pierce, Peter Sewell, Dimitrios Vytiniotis, Geoffrey Washburn, Stephanie Weirich, and Steve Zdancewic. In Proceedings of the International Conference on Theorem Proving in Higher Order Logics (TPHOLs), 2006.

Academic History

• Master of Science in Computer Science, University of Oregon, 2004 (Eugene, OR)
  • Advisor: Zena Ariola
  • Thesis: Sequent Calculus and Abstract Machines
• Bachelor of Arts in Mathematics, Northwestern University, 2001 (Evanston, IL)
• Bachelor of Music in Music Theory, Northwestern University, 2001 (Evanston, IL)

In 1996 I graduated from high school in Emmett, Idaho. I spent two years at the College of Idaho before transferring to Northwestern University in 1998.